Forum Discussion

Joe_Brandon's avatar
Joe_Brandon
Icon for Altostratus rankAltostratus
Mar 23, 2022
Solved

F5 AFM as Main Network Firewall

Hi Everyone,

I am asking this question because i want to migrate lots of firewalls and have very nice experience with BIG-IQ management center.

I have an odd question about AFM. is there any chances to use AFM in firewall mode as the network (LAN) main firewall for serving internet and datacenter resources to users like a Core firewall and UTM ?

if yese please guide me .

 if not pleae advice some 

  • Hi Joe,

    AFM is a data center firewall, not a perimetral firewall, and in other architectures, it can be used as a DDOS for L3 and L4 protection, Thinking in AFM as a perimetral or UTM is probably a wrong approach.

    The current Advanced Firewalls has a lot of features that AFM does not as:
    Visibility into the application activity at a user level.
    User-based Analysis, Reporting, and Forensics.
    Malware and Virus Protection.
    Cloud packet analysis.
    Visibility into your applications, web traffic, threats, and data patterns.

    And many more that AFM as a perimetral firewall doesn´t have, in my point of view is not the most sophisticated and secure.

    Regards.

    Sebastián.

1 Reply

  • Hi Joe,

    AFM is a data center firewall, not a perimetral firewall, and in other architectures, it can be used as a DDOS for L3 and L4 protection, Thinking in AFM as a perimetral or UTM is probably a wrong approach.

    The current Advanced Firewalls has a lot of features that AFM does not as:
    Visibility into the application activity at a user level.
    User-based Analysis, Reporting, and Forensics.
    Malware and Virus Protection.
    Cloud packet analysis.
    Visibility into your applications, web traffic, threats, and data patterns.

    And many more that AFM as a perimetral firewall doesn´t have, in my point of view is not the most sophisticated and secure.

    Regards.

    Sebastián.